top of page

Selected GRC & Cybersecurity Projects

A snapshot of the governance, risk & compliance work I’ve led across vendor risk, ISO 27001 readiness, compliance tracking, and security governance projects.

​Vulnerability Risk Intelligence & Compliance Assurance

Enterprise vulnerability assessment translating technical findings into audit impact, regulatory exposure, and remediation priorities. Includes a live interactive dashboard and control mapping across NIST CSF 2.0, ISO 27001:2022, and PCI DSS 4.0.

Global Retailer – Third-Party Risk Management

Designed a practical TPRM framework with vendor inventory, criticality tiers, and due diligence mapped to PCI DSS, ISO 27001 and SOC 2, plus a 5-week rollout roadmap.

View Project
Energy & Utilities Multi-Framework Compliance Tracker

Built a centralized tracker to manage renewals and evidence across PCI DSS, SOC 2, ISO 27001 and vendor certifications, improving audit readiness and reducing missed renewals.

View Project
End-to-End Third-Party Risk Management (ServiceNow TPRM)

Executed a full third-party due diligence lifecycle in ServiceNow, including onboarding, inherent risk tiering, risk-based assessments, issue management, and closure aligned to OSFI B-10, ISO 27001, and SOC 2.

View Project
SaaS Provider – ISO 27001 Readiness Assessment

Performed a readiness review against ISO/IEC 27001:2022, mapped controls to existing processes, identified high-risk gaps, and built a phased remediation plan with clear ownership.

View Project
Enterprise GRC – Risk Register & Metrics Dashboard

Developed a risk register and dashboard combining key risks, control status, and remediation progress to support clearer prioritization and senior leadership reporting.

View Project
Security Incident Response (SIR) Workflow Build – Access Control & TLP Enforcement (ServiceNow)

Built and validated a Security Incident Response workflow in ServiceNow, enforcing escalation, playbook-driven response, and TLP-based access control for sensitive incidents.

 

View Project
bottom of page